Go to DBLP homepageAuthenticating Web User's Identity through Browsing Sequences Modeling
Abstract: With the number of users on the Web increasing sharply, how to effectively verify users' identities in order to prevent account theft as well as identity fraud is urging. In this paper, we utilize the web browsing sequences of users, which can directly reflect the logical trajectories of individuals in cyberspace, to depict the profile for each user. Based on these profiles, two approaches are proposed to authenticate the web user's identity. The first one is MSIA (Markov Sequence based Identity Authentication). In MSIA, we construct a behavioral Markov model to depict each user's logical behavior. The second one is SPIA (Sequence and Preference based Identity Authentication). In SPIA, two non-sequential features, i.e. the browsing time and the classes of web pages, are further included in MSIA to strengthen the modeling ability. In addition, both of these two approaches are user-friendly, which means the process of behavioral authenticating is running as daemons. The daemons verify user's identity continuously and invisibly during the whole browsing period, instead of one-time authentication at login stage. Based on the behavioral data of 1000 users collected from China Internet Network Information Center, we verify the proposed methods on 1,496,758 test sequences. The experimental results show that the average accuracy of both authentication methods is up to 90%.
Loading